1Kosmos unifies identity proofing, passwordless authentication and authorization on a privacy-by-design distributed ledger. Nineteen composable APIs to verify who someone is, let them prove it without a password, and govern what they can do — across workforce and customer journeys.
19 composable services on the 1Kosmos platform — 660 endpoints in all. Each is a signed REST API with a full reference, code samples and a downloadable OpenAPI spec.
Verify government-issued documents and match a live selfie to an ID — indisputable proof of identity at onboarding, in one signed API.
Orchestrate end-to-end identity-proofing sessions from reusable templates.
Issue and verify W3C verifiable credentials, held by the user.
Provision and manage user-controlled digital identity wallets.
Non-phishable, passwordless authentication — biometrics, OTP, push and journeys, federated over OIDC and SAML.
FIDO2 / WebAuthn passkey registration and authentication.
Standards-based OAuth 2.0 / OpenID Connect — authorize, token, introspect.
Govern what an authenticated identity is allowed to do — roles, fine-grained permissions and real-time decisions.
Define and evaluate the policy rules behind identity decisions.
The system of record for users — attributes, passkeys, factors and policy.
The control plane behind AdminX — manage users, communities, authentication modules, providers and policy across your tenant.
Coordinate authentication sessions across devices — the backbone of QR-code and push-to-mobile login.
Define and run identity-orchestration workflows, end to end.
Subscribe to and query identity events across your tenant.
Deliver signed platform-event callbacks to your endpoints.
Centralized tenant configuration, secrets and consent management.
Issue, authorize and rotate the license keys behind every service.
Pull tenant transaction reports and downloadable exports.
Embed identity-aware conversational and chatbot experiences.
A typical integration moves an identity from unknown to trusted, then keeps it that way.
Prove a real person is who they claim with DocuVerify — document authenticity plus a live selfie.
Issue a non-phishable credential and let users sign in passwordlessly with Authn.
Govern what each identity can do with roles and fine-grained permissions in AuthZ.
Coordinate cross-device login with Sessions and manage everything through the Admin API.
Every 1Kosmos service authenticates the same way: ECDSA key-pair signing over HTTPS. You hold a public/private key pair and a license key; sensitive payloads are signed so they can't be tampered with in transit. Your private key never leaves your environment.